Home / Jul 08, 2026 / Story
0
#4 The Hacker News general July 07, 2026 at 05:16 UTC

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

By [email protected] (The Hacker News)

AI Summary

BeyondTrust patched two critical pre-authentication vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) products: CVE-2026-40138 (CVSS 9.2) and a second flaw, both allowing unauthenticated attackers to take control of devices. Given BeyondTrust's prior exploitation history (a critical PRA/RS RCE was weaponized in late 2024), these flaws in privileged access management software are a high-priority patching concern.

Relevance score: 89.0/100

# More from July 08